[zorp] Any plans for SIP support
Igor S. Livshits
igorl@webley.com
Wed, 14 Mar 2001 12:40:30 -0600
At 10:24 AM +0100 on 3/14/01, Balazs Scheidler wrote:
>What is SIP good for, and how do you think it could be
>implemented on a firewall?
SIP is a signaling protocol for media streams (e.g., voice over RTP).
An ideal implementation would include the following ingredients:
1. Open incoming port 5060 (standard SIP port)
2. Dynamic opening and closing of channels for media streams
(RTP/RTCP) as negotiated by SIP messages
3. NAT for both SIP and media
4. Rewriting of SIP payloads to correspond to NAT (i.e., a
special-purpose slim SIP proxy)
For some examples, take a look at the Cisco PIX "sip fixup" [payload
adjustment lacking], Aravox media firewall coupled with a dynamicsoft
firewall control proxy, the offering from Microappliances
<http://www.microappliances.com/applications/ALG/alg.html> [limited
information on functionality], and the Linux SIP masquerade module
<http://www.siphappens.com/masquerade/draft-biggs-sip-nat-00.txt>.
Thanks, Igor